feat(auth): remote and local third-party authentication

2023-07-26 07:14:49 -06:00
parent 42d49eb090
commit 8e88b5a7f1
13 changed files with 307 additions and 63 deletions
--- a/misc/packaging/common/config-server.yml
+++ b/misc/packaging/common/config-server.yml
@ -2,8 +2,6 @@ logger:
  level: 1
  format: human
 server:
-  privateKeyPath: /var/lib/emissary/server-key.json
-  issuer: http://127.0.0.1:3000
  http:
    host: 0.0.0.0
    port: 3000
@ -25,3 +23,11 @@ server:
      - Authorization
      - Sentry-Trace
  debug: false
+  auth:
+    local:
+      privateKeyPath: /var/lib/emissary/server-key.json
+    roleExtractionRules:
+      - "jwt.role != nil ? str(jwt.role) : ''"
+    remote: ~
+      # jwksUrl: https://my-server/.well-known/jwks.json
+